the-djmaze 2024-09-17 10:09:57 +02:00
parent bd2ffe5078
commit a6ff022c0e


@ -100,14 +100,14 @@ class ServiceActions
if ($_SERVER['HTTP_X_SM_TOKEN'] !== $token) { if ($_SERVER['HTTP_X_SM_TOKEN'] !== $token) {
$oAccount = $this->oActions->getAccountFromToken(false); $oAccount = $this->oActions->getAccountFromToken(false);
$sEmail = $oAccount ? $oAccount->Email() : 'guest'; $sEmail = $oAccount ? $oAccount->Email() : 'guest';
$this->oActions->logWrite("{$_SERVER['HTTP_X_SM_TOKEN']} !== {$token} for {$sEmail}", \LOG_ERROR, 'Token'); $this->oActions->logWrite("{$_SERVER['HTTP_X_SM_TOKEN']} !== {$token} for {$sEmail}", \LOG_ERR, 'Token');
throw new Exceptions\ClientException(Notifications::InvalidToken, null, 'HTTP Token mismatch'); throw new Exceptions\ClientException(Notifications::InvalidToken, null, 'HTTP Token mismatch');
} }
} else if ($this->oHttp->IsPost()) { } else if ($this->oHttp->IsPost()) {
if (empty($_POST['XToken']) || $_POST['XToken'] !== $token) { if (empty($_POST['XToken']) || $_POST['XToken'] !== $token) {
$oAccount = $this->oActions->getAccountFromToken(false); $oAccount = $this->oActions->getAccountFromToken(false);
$sEmail = $oAccount ? $oAccount->Email() : 'guest'; $sEmail = $oAccount ? $oAccount->Email() : 'guest';
$this->oActions->logWrite("{$_POST['XToken']} !== {$token} for {$sEmail}", \LOG_ERROR, 'XToken'); $this->oActions->logWrite("{$_POST['XToken']} !== {$token} for {$sEmail}", \LOG_ERR, 'XToken');
throw new Exceptions\ClientException(Notifications::InvalidToken, null, 'XToken mismatch'); throw new Exceptions\ClientException(Notifications::InvalidToken, null, 'XToken mismatch');
} }
} }
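Review bot: Both `logWrite` calls in this hunk write the expected `$token` next to the request-supplied value (`$_SERVER['HTTP_X_SM_TOKEN']` and `$_POST['XToken']`) into the log; with the level corrected to the real `\LOG_ERR` constant these calls presumably now complete where they previously failed on the undefined name, so a valid token becomes readable by anyone with log access and raw client input reaches the log unescaped. I would log only the event and the account, e.g. `$this->oActions->logWrite("HTTP token mismatch for {$sEmail}", \LOG_ERR, 'Token');`, and the same shape for the `'XToken'` call. In the POST branch the message also interpolates `$_POST['XToken']` on the path where `empty($_POST['XToken'])` was true, which raises an undefined-key warning when the field is absent. The comparisons use `!==`; `\hash_equals($token, $value)` would be the constant-time form, provided both sides are strings, which cannot be confirmed here because the enclosing `if` and the assignment of `$token` lie outside the hunk.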